*/ namespace Fisharebest\Webtrees; use Fisharebest\Webtrees\Controller\SimpleController; define('WT_SCRIPT_NAME', 'message.php'); require './includes/session.php'; // Some variables are initialised from GET (so we can set initial values in URLs), // but are submitted in POST so we can have long body text. $subject = Filter::post('subject', null, Filter::get('subject')); $body = Filter::post('body'); $from_name = Filter::post('from_name'); $from_email = Filter::post('from_email'); $action = Filter::post('action', 'compose|send', 'compose'); $to = Filter::post('to', null, Filter::get('to')); $method = Filter::post('method', 'messaging|messaging2|messaging3|mailto|none', Filter::get('method', 'messaging|messaging2|messaging3|mailto|none', 'messaging2')); $url = Filter::postUrl('url', Filter::getUrl('url')); $to_user = User::findByUserName($to); $controller = new SimpleController(); $controller->restrictAccess($to_user || Auth::isAdmin() && ($to === 'all' || $to === 'last_6mo' || $to === 'never_logged'))->setPageTitle(I18N::translate('webtrees message')); $errors = ''; // Is this message from a member or a visitor? if (Auth::check()) { $from = Auth::user()->getUserName(); } else { // Visitors must provide a valid email address if ($from_email && (!preg_match("/(.+)@(.+)/", $from_email, $match) || function_exists('checkdnsrr') && checkdnsrr($match[2]) === false)) { $errors .= '<p class="ui-state-error">' . I18N::translate('Please enter a valid email address.') . '</p>'; $action = 'compose'; } // Do not allow anonymous visitors to include links to external sites if (preg_match('/(?!' . preg_quote(WT_BASE_URL, '/') . ')(((?:ftp|http|https):\\/\\/)[a-zA-Z0-9.-]+)/', $subject . $body, $match)) {
/** * Generate the HTML content of this block. * * @param int $block_id * @param bool $template * @param string[] $cfg * * @return string */ public function getBlock($block_id, $template = true, $cfg = array()) { global $ctype, $controller, $WT_TREE; $action = Filter::get('action'); switch ($action) { case 'deletefav': $favorite_id = Filter::getInteger('favorite_id'); if ($favorite_id) { self::deleteFavorite($favorite_id); } break; case 'addfav': $gid = Filter::get('gid', WT_REGEX_XREF); $favnote = Filter::get('favnote'); $url = Filter::getUrl('url'); $favtitle = Filter::get('favtitle'); if ($gid) { $record = GedcomRecord::getInstance($gid, $WT_TREE); if ($record && $record->canShow()) { self::addFavorite(array('user_id' => $ctype === 'user' ? Auth::id() : null, 'gedcom_id' => $WT_TREE->getTreeId(), 'gid' => $record->getXref(), 'type' => $record::RECORD_TYPE, 'url' => null, 'note' => $favnote, 'title' => $favtitle)); } } elseif ($url) { self::addFavorite(array('user_id' => $ctype === 'user' ? Auth::id() : null, 'gedcom_id' => $WT_TREE->getTreeId(), 'gid' => null, 'type' => 'URL', 'url' => $url, 'note' => $favnote, 'title' => $favtitle ? $favtitle : $url)); } break; } $block = $this->getBlockSetting($block_id, 'block', '0'); foreach (array('block') as $name) { if (array_key_exists($name, $cfg)) { ${$name} = $cfg[$name]; } } $userfavs = $this->getFavorites($ctype === 'user' ? Auth::id() : $WT_TREE->getTreeId()); if (!is_array($userfavs)) { $userfavs = array(); } $id = $this->getName() . $block_id; $class = $this->getName() . '_block'; $title = $this->getTitle(); if (Auth::check()) { $controller->addExternalJavascript(WT_AUTOCOMPLETE_JS_URL)->addInlineJavascript('autocomplete();'); } $content = ''; if ($userfavs) { foreach ($userfavs as $key => $favorite) { if (isset($favorite['id'])) { $key = $favorite['id']; } $removeFavourite = '<a class="font9" href="index.php?ctype=' . $ctype . '&ged=' . $WT_TREE->getNameHtml() . '&action=deletefav&favorite_id=' . $key . '" onclick="return confirm(\'' . I18N::translate('Are you sure you want to remove this item from your list of favorites?') . '\');">' . I18N::translate('Remove') . '</a> '; if ($favorite['type'] == 'URL') { $content .= '<div id="boxurl' . $key . '.0" class="person_box">'; if ($ctype == 'user' || Auth::isManager($WT_TREE)) { $content .= $removeFavourite; } $content .= '<a href="' . $favorite['url'] . '"><b>' . $favorite['title'] . '</b></a>'; $content .= '<br>' . $favorite['note']; $content .= '</div>'; } else { $record = GedcomRecord::getInstance($favorite['gid'], $WT_TREE); if ($record && $record->canShow()) { if ($record instanceof Individual) { $content .= '<div id="box' . $favorite["gid"] . '.0" class="person_box action_header'; switch ($record->getsex()) { case 'M': break; case 'F': $content .= 'F'; break; default: $content .= 'NN'; break; } $content .= '">'; if ($ctype == "user" || Auth::isManager($WT_TREE)) { $content .= $removeFavourite; } $content .= Theme::theme()->individualBoxLarge($record); $content .= $favorite['note']; $content .= '</div>'; } else { $content .= '<div id="box' . $favorite['gid'] . '.0" class="person_box">'; if ($ctype == 'user' || Auth::isManager($WT_TREE)) { $content .= $removeFavourite; } $content .= $record->formatList('span'); $content .= '<br>' . $favorite['note']; $content .= '</div>'; } } } } } if ($ctype == 'user' || Auth::isManager($WT_TREE)) { $uniqueID = Uuid::uuid4(); // This block can theoretically appear multiple times, so use a unique ID. $content .= '<div class="add_fav_head">'; $content .= '<a href="#" onclick="return expand_layer(\'add_fav' . $uniqueID . '\');">' . I18N::translate('Add a new favorite') . '<i id="add_fav' . $uniqueID . '_img" class="icon-plus"></i></a>'; $content .= '</div>'; $content .= '<div id="add_fav' . $uniqueID . '" style="display: none;">'; $content .= '<form name="addfavform" method="get" action="index.php">'; $content .= '<input type="hidden" name="action" value="addfav">'; $content .= '<input type="hidden" name="ctype" value="' . $ctype . '">'; $content .= '<input type="hidden" name="ged" value="' . $WT_TREE->getNameHtml() . '">'; $content .= '<div class="add_fav_ref">'; $content .= '<input type="radio" name="fav_category" value="record" checked onclick="jQuery(\'#gid' . $uniqueID . '\').removeAttr(\'disabled\'); jQuery(\'#url, #favtitle\').attr(\'disabled\',\'disabled\').val(\'\');">'; $content .= '<label for="gid' . $uniqueID . '">' . I18N::translate('Enter an individual, family, or source ID') . '</label>'; $content .= '<input class="pedigree_form" data-autocomplete-type="IFSRO" type="text" name="gid" id="gid' . $uniqueID . '" size="5" value="">'; $content .= ' ' . FunctionsPrint::printFindIndividualLink('gid' . $uniqueID); $content .= ' ' . FunctionsPrint::printFindFamilyLink('gid' . $uniqueID); $content .= ' ' . FunctionsPrint::printFindSourceLink('gid' . $uniqueID); $content .= ' ' . FunctionsPrint::printFindRepositoryLink('gid' . $uniqueID); $content .= ' ' . FunctionsPrint::printFindNoteLink('gid' . $uniqueID); $content .= ' ' . FunctionsPrint::printFindMediaLink('gid' . $uniqueID); $content .= '</div>'; $content .= '<div class="add_fav_url">'; $content .= '<input type="radio" name="fav_category" value="url" onclick="jQuery(\'#url, #favtitle\').removeAttr(\'disabled\'); jQuery(\'#gid' . $uniqueID . '\').attr(\'disabled\',\'disabled\').val(\'\');">'; $content .= '<input type="text" name="url" id="url" size="20" value="" placeholder="' . GedcomTag::getLabel('URL') . '" disabled> '; $content .= '<input type="text" name="favtitle" id="favtitle" size="20" value="" placeholder="' . I18N::translate('Title') . '" disabled>'; $content .= '<p>' . I18N::translate('Enter an optional note about this favorite') . '</p>'; $content .= '<textarea name="favnote" rows="6" cols="50"></textarea>'; $content .= '</div>'; $content .= '<input type="submit" value="' . I18N::translate('Add') . '">'; $content .= '</form></div>'; } if ($template) { if ($block) { $class .= ' small_inner_block'; } return Theme::theme()->formatBlock($id, $title, $class, $content); } else { return $content; } }